12-25-2015 07:52 AM
Hey All,
We have installed a new NAS and now I want it to be blocked from the Internet. I only want the NAS to be accessed from our computers inside our home network and not from the internet.
I inserted Firewall rules for the NAS (IP 192.168.2.11 see screenshots) but for some reason I can still access it through a special future "QuickConnect.to/NameNas" which I launch from my phone on the 4G network off my provider (turned off WIFI).
Any help is welcome...
Solved! Go to Solution.
12-28-2015 04:03 AM
Watch your screenshot.
The default rule " Allow All traffic From LAN Source 192.168.2.1/24 to Any Always" authorises all your LAN to go on the internet.
This default rule cannot be delleted so you have to add another rule like:
"Deny All traffic from LAN Source (Your NAS 192.168.2.11) to Destination Any Always"
12-27-2015 11:21 PM
Easiest solution - remove the default gateway from the NAS.
12-28-2015 02:58 AM
Ok, good idea, thx,
But still, I'm wondering why the firewall didn't work?
12-28-2015 04:03 AM
Watch your screenshot.
The default rule " Allow All traffic From LAN Source 192.168.2.1/24 to Any Always" authorises all your LAN to go on the internet.
This default rule cannot be delleted so you have to add another rule like:
"Deny All traffic from LAN Source (Your NAS 192.168.2.11) to Destination Any Always"
12-28-2015 05:10 AM
Ok thx,
Didn't know an outgoing rule is also necesary. The quickconnect app from the app seems blocked now.
12-28-2015 07:08 AM
Well if you don't have port redirection rules from internet to your nas, the incomming firewall rule is useless, no traffic is redirected from the WAN port to you NAS.
12-28-2015 09:03 AM
Are you saying that the firewall only works with port forwarding?
12-28-2015 11:15 AM
No no;
I'm just saying that the incoming firewall rules you added before with source interface WAN are not necessary IF NO port forwarding has been configured.
I gess your nas is not in DMZ, so if no port forwarding is configured with the NAS as destination, no traffic can exist from internet to the NAS, it can't pass after the router.
12-29-2015 01:27 AM
Maybe I should look up a book "networking for dummy's"?
I'm still confused because I always thought the internet is a two way street. My PC go's out to the WAN to access the internet, and then I get answers from the servers on internet incoming through the WAN port.
But reading your info, it doesn't work that way then?
Anyway, already thx for the reply's...
07-26-2016 02:05 PM
It may have been working before (without intentionally configuring it) if you enabled uPnP on the router.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide